-
Notifications
You must be signed in to change notification settings - Fork 15
Multi Protocol Payloads
The Sliver framework originally allows you to generate implants with multiple C2 protocols, so that failure to connect over one protocol/one connection domain will result in a fallback to the next one.
The payload module structure of Wiregost is just a way to provide a more refactored implant generation toolset. For instance, if you just want to generate an MTLS implant, you will know which module to use and you will know that no other connection string/protocol will be mistakenly compiled in it.
However, to provide the useful feature of Sliver (and given that, at the end of the day, all payload modules make use of the same compilation code), Wiregost includes a Multi-Protocol Payload module.
This module includes all options that are common to DNS/MTLS/HTTP(S) implants, but also the specific ones. You can see below that :
- Listener options gather all listener options for the 3 other payload types
- Implant options gather all Domain-specific options for the 3 payload implant types.
You will then need to provide at least one C2 Domain string, (you don't need to specify connection strings for all 3 C2 protocols), and you will be good to generate the implant.
Once again, all listener options are here to allow you to specify your listener settings according to the implant. When running to_listener
, Wiregost will automatically spawn the listeners for which options are set !